Default entities and retweets

Where applicable, entities and retweets are returned by default. Entities are returned as part of Tweet objects unless the include_entities parameter is set to false. Native retweets are included in timelines unless the include_rtsparameter is set to false.

Authentication on all endpoints

Applications must authenticate all requests with OAuth 1.0a or Application-only authentication. This allows us to prevent abusive behavior, and it also helps us to further understand how categories of applications are using the API. We apply this understanding to better meet the needs of developers as we continue to evolve the platform.

Rate limiting

The rate limit window is divided into 15 minute chunks per endpoint, with most individual calls allowing for 15 requests in each window. Be sure to read the Rate Limiting documentation as well as to review the per-method limits available here.

Twitter client policies

All applications replicating the core Twitter experience, usually called “clients”, must adhere to certain restrictions, including a 100,000 user token limit. To be clear, the 100,000 user token limit applies only to the small number of clients replicating the core Twitter experience - it does not apply to the majority of other applications in the broader ecosystem. These clauses are outlined in detail in the Developer Policy.